[BUG] bind command leads to invalid state where platform data is NULL

Heinrich Schuchardt xypron.glpk at gmx.de
Sun Jun 18 12:11:54 CEST 2023


Hello Simon,

From origin/next I built qemu_arm64_defconfig with CONFIG_CMD_BIND=yes.

I ran the image with:

qemu-system-aarch64 -semihosting \
     -machine virt,gic-version=max -accel $(ACCEL) -m 1G -smp cores=2 \
     -bios u-boot.bin -cpu $(CPU) -nographic -gdb tcp::1234 \
     -netdev user,id=eth0,tftp=tftp -device e1000,netdev=eth0,romfile= \
     -drive if=none,file=arm64.img,format=raw,id=mydisk \
     -drive if=pflash,format=raw,index=1,file=envstore.img \
     -device virtio-rng-pci \
     -device ich9-ahci,id=ahci -device ide-hd,drive=mydisk,bus=ahci.0

=> scsi bind
=> dm tree
  Class     Index  Probed  Driver                Name
-----------------------------------------------------------
  root          0  [ + ]   root_driver           root_driver
  pci           0  [ + ]   pci_generic_ecam      |-- pcie at 10000000
  pci_generi    0  [   ]   pci_generic_drv       |   |-- pci_0:0.0
  ahci          0  [ + ]   ahci_pci              |   `-- ahci_pci
  scsi          0  [ + ]   ahci_scsi             |       `-- ahci_scsi
  blk           0  [ + ]   scsi_blk              |           |-- ahci_scsi.id0lun0
  partition     0  [ + ]   blk_partition         |           |   |-- ahci_scsi.id0lun0:1
  partition     1  [ + ]   blk_partition         |           |   `-- ahci_scsi.id0lun0:15
  bootdev       2  [   ]   scsi_bootdev          |           `-- ahci_scsi.id0lun0.bootdev
=> unbind blk 0
=> dm tree
  Class     Index  Probed  Driver                Name
-----------------------------------------------------------
  root          0  [ + ]   root_driver           root_driver
  pci           0  [ + ]   pci_generic_ecam      |-- pcie at 10000000
  pci_generi    0  [   ]   pci_generic_drv       |   |-- pci_0:0.0
  ahci          0  [ + ]   ahci_pci              |   `-- ahci_pci
  scsi          0  [ + ]   ahci_scsi             |       `-- ahci_scsi
  bootdev       2  [   ]   scsi_bootdev          |           `-- ahci_scsi.id0lun0.bootdev
=> bind scsi 0 scsi_blk
=> dm tree
  Class     Index  Probed  Driver                Name
-----------------------------------------------------------
  root          0  [ + ]   root_driver           root_driver
  pci           0  [ + ]   pci_generic_ecam      |-- pcie at 10000000
  pci_generi    0  [   ]   pci_generic_drv       |   |-- pci_0:0.0
  ahci          0  [ + ]   ahci_pci              |   `-- ahci_pci
  scsi          0  [ + ]   ahci_scsi             |       `-- ahci_scsi
  bootdev       2  [   ]   scsi_bootdev          |           |-- ahci_scsi.id0lun0.bootdev
  blk           0  [   ]   scsi_blk              |           `-- scsi_blk
=> part list scsi 0
dev_get_uclass_plat: null device
"Synchronous Abort" handler, esr 0x96000004, far 0xd503201f14000072
elr: 000000000003392c lr : 0000000000033924 (reloc)
elr: 000000007ff1492c lr : 000000007ff14924
x0 : d503201f1400000a x1 : 0000000000000000
x2 : 0000000000000090 x3 : 0000000000000013
x4 : 000000007eda0419 x5 : 0000000000000020
x6 : 00000000ffffffd0 x7 : 000000007eda06b0
x8 : 0000000000000010 x9 : 0000000000000000
x10: 0000000000000006 x11: 000000000001869f
x12: 0000000000000016 x13: 0000000000000004
x14: 0000000000000000 x15: 000000007eda073c
x16: 000000007ff2547c x17: 0000000000000000
x18: 000000007eea0db0 x19: 0000000000000000
x20: 0000000000000000 x21: 0000000000000001
x22: 0000000000000000 x23: 000000007eda0740
x24: 0000000000000000 x25: 0000000000000000
x26: 0000000000000000 x27: 0000000000000000
x28: 0000000000000000 x29: 000000007eda06d0

Code: aa0303f7 94000287 aa0003f4 f9400260 (f9403418)
Resetting CPU ...

The crash occurs in blk_read(). blk_read() does not check if desc == NULL.

I would have expected "bind scsi 0 scsi_blk" to create a valid state
where the platform data is set up.

Best regards

Heinrich
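
Added example, not part of the original message and not U-Boot source: a simplified stand-alone C model of the missing check the report describes, where a read path refuses to run when the platform data lookup returns NULL. All `model_*` names, the sample disk and the choice of -ENODEV/-EINVAL are assumptions made for illustration.

```c
/* Added illustration: a simplified stand-alone model, not U-Boot source. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MODEL_BLKSZ 4u

struct model_blk_desc {            /* stands in for the block descriptor */
    unsigned long lba;             /* number of blocks on the device */
    const unsigned char *backing;  /* constructed sample storage */
};

struct model_udevice {             /* stands in for a bound device */
    void *uclass_plat;             /* NULL when bind never set it up */
};

/* Mirrors the behaviour seen in the log: warn and return NULL. */
static void *model_get_uclass_plat(const struct model_udevice *dev)
{
    if (!dev) {
        fprintf(stderr, "%s: null device\n", __func__);
        return NULL;
    }
    return dev->uclass_plat;
}

/* Read with the check the report asks for; -ENODEV is an assumed code. */
long model_blk_read(const struct model_udevice *dev, unsigned long start,
                    unsigned long blkcnt, void *buf)
{
    const struct model_blk_desc *desc = model_get_uclass_plat(dev);

    if (!desc || !desc->backing)
        return -ENODEV;            /* no platform data: refuse, do not deref */
    if (start > desc->lba || blkcnt > desc->lba - start)
        return -EINVAL;            /* overflow-safe range check */
    memcpy(buf, desc->backing + start * MODEL_BLKSZ, blkcnt * MODEL_BLKSZ);
    return (long)blkcnt;
}

/* Constructed sample devices: one fully set up, one bound without plat. */
static const unsigned char model_disk[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };
static struct model_blk_desc model_desc = { 2, model_disk };
struct model_udevice model_good = { &model_desc };
struct model_udevice model_unbound = { NULL };
unsigned char model_buf[8];        /* scratch buffer for reads */
```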

